open innovation via java-enabled network devices
DESCRIPTION
Open Innovation via Java-enabled Network Devices. Tal Lavian [email protected]. Collaboration with Business Applications . New paradigm of distributed applications Network devices collaborating with business applications Application aware routing. Apps Server. Oplet. Oplet. Apps. Apps. - PowerPoint PPT PresentationTRANSCRIPT
Open Innovationvia Java-enabled Network Devices
Tal Lavian [email protected]
Collaboration with Business Applications • New paradigm of distributed applications • Network devices collaborating with business applications• Application aware routing
JVM
Oracle DBE-CommerceBusiness appsSAP , ERP,Optivity
RMI, XML, CORBAApps
SwitchRouterNet-Device
JVM
Apps
Apps Server
Oplet Oplet
Server Collaboration
• Supports distributed computing applications in which network devices participate– router to router– server to router
• Supports Intelligent Agents• Supports Mobile Agents
Java-basedApplication
Java-basedApplication
Java-basedApplication
Active Network Management
• Download Oplet Service to the device.
• Monitor MIB variables • Might be complex conditions• Trend analysis• DiffServ, RMON-II, etc… MIBs
• Report “events” to NMS – drop rate, packets/second
• Allow Service to take action• Download application • Adjust parameters based on
direction from NMS
Monitor
AppropriateApplication
Download
Download
Complex Condition Exceeded
NMS
No more polling
router
Extensive access to internal resources
Diagnostic Mobile Agents
• Automatic trace-route from edge router where problem exists.– Each node reached generates a report to NMS– Trace-route code “moves” to next node in path– Mobile agents identify router health– Create logs for NMS
Active Intrusion Detection
• Intruder is identified by Intrusion Detection software• Intruder signature is identified• Mobile agent is dispatched in direction of intruder
(based on physical port of entry)• Mobile agent “chases” intruder and terminates him
(shuts down link, reboot host, notify NMS)
ORE - Oplet Run-time Environment
Service A
JVM
ORE
Service B
Oplet 1
Service C
Oplet 2
Why ORE?
Java-enabled Device Architecture
Device HWOperating System
JVM
Oplet
C/C++API
JavaAPI
DeviceCode Oplet Runtime Env
DeviceDrivers
JNIJF
WD
API
ORE Service
Download
Separation of Control and Forwarding Planes
Centralized, Centralized, CPU-based RouterCPU-based Router
Forwarding-ProcessorsForwarding-Processors based Routerbased Router
Control + ForwardingControl + ForwardingFunctions combinedFunctions combined Control separatedControl separated
From forwardingFrom forwarding
CPU
Routing SW
CPU
Control Plane
Forwarding Processor
Forwarding Processor
Forwarding Processor
Slow Wire Speed
Dynamic Configuration of Forwarding Rules
CPU
ForwardingProcessor
ForwardingProcessor
ForwardingProcessor
ForwardingProcessor
ForwardingRules
SW
HW
ForwardingRules
ForwardingRules
ForwardingRules
AN Apps
Real-time forwarding Stats and Monitors
CPU
SW
HW
AN Apps
ForwardingProcessor
ForwardingRules
Statistics &Monitors
ForwardingProcessor
ForwardingRules
Statistics &Monitors
ForwardingProcessor
ForwardingRules
Statistics &Monitors
Packet Capture
CPU
ForwardingProcessor
ForwardingProcessor
ForwardingProcessor
ForwardingProcessor
Oplet
JFWD to Divert or Copy
Wire Speed
Pac k
et
Dynamic - On the Fly Configuration
ForwardingProcessor
ForwardingProcessor
Pack
et
Policy
Filters
Dynamic Apps
Packet
Pack
et
Filte
r
Dynamic DiffServ Classification
ForwardingProcessor
ForwardingProcessor
Policy
Filters
ORE Service
Packet
Pack
et Filte
r
• Sample packets, set filters to modify DS-byte for Per-Hop-Behavior modification
Packet
Control
Plane